Amendments to the claims, 

Listing of all claims pursuant to 37 CFR 1.121(c) 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1 . (Currently amended) A computer implemented method implemented in a 
computer system having at least a processor and memory for specifying and enforcing 
entitlements for performance of financial transactions, the method comprising: 

providing a hierarchical entitlement structure with inheritance for specifying 
entitlements for performing financial transactions; 

receiving user input for defining a plurality of entitlement groups of said 
hierarchical entitlement structure, wherein each entitlement group has specified 
permissions to perform financial transactions, limits on performance of said financial 
transactions, and membership of each user; 

in response to a particular user request to perform a financial transaction at 
runtime, identifying the particular user's membership in a certain entitlement group; and 

determining whether to allow the particular user to perform the financial 
transaction based on permissions and limits of said hierarchical entitlement structure 
applicable to the particular user's performance of the financial transaction. 

2. (Original) The method of claim 1, wherein said hierarchical entitlement 
structure provides that a given entitlement group inherits permissions provided to its 
parent entitlement group in said hierarchical entitlement structure. 

3. (Original) The method of claim 2, wherein said step of defining a plurality of 
entitlement groups includes restricting permissions inherited by an entitlement group 
from its parent entitlement group in said hierarchical entitlement structure. 

4. (Original) The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining permissions to access particular objects in a 
financial application. 
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5. (Original) The method of claim 4, wherein said step of defining a plurality of 
entitlement groups includes defining permissions to perform functions on said particular 
objects. 

6. (Original) The method of claim 4, wherein at least some of said particular 
objects represent bank accounts. 

7. (Original) The method of claim 1, wherein said limits comprise limitations on 
values of financial transactions to be performed. 

8. (Original) The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining limits comprising a selected one of per-transaction 
limits and cumulative limits over a period of time. 

9. (Original) The method of claim 1 , wherein said step of defining a plurality of 
entitlement groups includes defining permissions applying to a selected one of functions 
of a financial application and objects of a financial application. 

10. (Original) The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining limits applicable to individual users. 

11. (Original) The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining limits applicable collectively to members of an 
entitlement group. 

12. (Original) The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining limits applying collectively to a particular 
entitlement group and children entitlement groups of said particular entitlement group in 
said hierarchical entitlement structure. 

13. (Original) The method of claim 1, further comprising: 
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tracking financial transactions performed for purposes of determining compliance 
with limits. 

14. (Original) The method of claim 13, wherein said step of tracking financial 
transactions performed includes maintaining running total values of financial transactions 
performed in cache for improved performance. 

15. (Original) The method of claim 14, wherein said step of determining whether 
to allow the particular user to perform the financial transaction includes determining 
whether any limits have been exceeded based on the running total values and the value of 
the financial transaction requested by the particular user. 

16. (Original) The method of claim 1 , further comprising: 

maintaining permission information for entitlement groups in the hierarchical 
entitlement structure in cache to improve system performance. 

17. (Original) The method of claim 16, wherein said permission information is 
modeled as three-tuples representing negative permissions. 

18. (Original) The method of claim 1, wherein permissions provided to an 
entitlement group include permissions to administer a certain other entitlement group. 

19. (Original) The method of claim 18, wherein permissions to administer a 
particular entitlement group include modifying permissions of said certain other 
entitlement group. 

20. (Original) The method of claim 18, wherein said permissions to administer a 
certain other entitlement group are subject to limitations defined for the entitlement group 
having said permissions to administer. 

21 . (Original) The method of claim 1, wherein permissions provided to an 
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entitlement group include permissions to extend a certain other entitlement group. 

22. (Original) The method of claim 21, wherein permissions to extend a certain 
other entitlement group include permissions to define a child entitlement group of said 
particular entitlement group. 

23. (Canceled). 

24. (Currently amended) The method of claim 1, further comprising: 

Aa downloadable set of processor-executable instructions for performing the 
method of claim 1 . 

25. (New) A system for specifying and enforcing entitlements for performance of 
financial transactions, the system comprising: 

a computer having at least a processor and memory; 

a hierarchical entitlement structure with inheritance for specifying entitlements 
for performing financial transactions; 

a user input module for specifying a plurality of entitlement groups of said 
hierarchical entitlement structure, wherein each entitlement group has specified 
permissions to perform financial transactions, limits on performance of said financial 
transactions, and user membership; and 

an enforcement module for determining, in response to a particular user's request 
to perform a given financial transaction at runtime, whether to allow the particular user to 
perform the financial transaction based on permissions and limits of said hierarchical 
entitlement structure applicable to the entitlement group of which the particular user is a 
member. 

26. (New) The system of claim 25, wherein said hierarchical entitlement structure 
provides that a given entitlement group inherits permissions provided to its parent 
entitlement group in said hierarchical entitlement structure. 
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27. (New) The system of claim 26, wherein said plurality of entitlement groups 
includes a child entitlement group inheriting permissions from its parent entitlement 
group in said hierarchical entitlement structure; wherein restrictions are applied to the 
permissions inherited by such child inheritance group. 

28. (New) The system of claim 25, wherein said permissions to perform financial 
transactions include permissions to access particular objects in a financial application. 

29. (New) The system of claim 28, wherein said step wherein said permissions to 
perform financial transactions include permissions to perform functions on said particular 
objects. 

30. (New) The system of claim 28, wherein at least some of said particular 
objects represent bank accounts. 

3 1 . (New) The system of claim 25, wherein said limits comprise limitations on 
values of financial transactions to be performed. 

32. (New) The system of claim 31, wherein limitations on values of financial 
transactions to be performed comprise a selected one of per-transaction limits and 
cumulative limits over a period of time. 

33. (New) The system of claim 25, wherein said permissions to perform financial 
transactions include permissions applying to a selected one of functions of a financial 
application and objects of a financial application. 

34. (New) The system of claim 25, wherein said specifying a plurality of 
entitlement groups includes specifying limits applicable to individual users. 

35. (New) The system of claim 25, wherein said specifying a plurality of 
entitlement groups includes specifying limits applicable collectively to members of an 
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entitlement group. 

36. (New) The system of claim 25, wherein said specifying a plurality of 
entitlement groups includes specifying limits applying collectively to a particular 
entitlement group and children entitlement groups of said particular entitlement group in 
said hierarchical entitlement structure. 

37. (New) The system of claim 25, further comprising: 

a module for tracking financial transactions performed for purposes of 
determining compliance with limits. 

38. (New) The system of claim 37, wherein said module for tracking financial 
transactions performed maintains running total values of financial transactions performed 
in cache memory of the computer. 

39. (New) The system of claim 38, wherein said enforcement module determines 
whether to allow the particular user to perform the financial transaction based, at least in 
part, on said running total values and the value of the financial transaction requested by 
the particular user. 

40. (New) The system of claim 25, further comprising: 

a module for maintaining permission information for entitlement groups in the 
hierarchical entitlement structure in cache memory of the computer. 

41 . (New) The system of claim 40, wherein said permission information is 
modeled as three-tuples representing negative permissions. 

42. (New) The system of claim 25, wherein permissions provided to an 
entitlement group include permissions to administer a certain other entitlement group. 

43. (New) The system of claim 42, wherein permissions to administer a particular 
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entitlement group include modifying permissions of said certain other entitlement group. 

44. (New) The system of claim 42, wherein said permissions to administer a 
certain other entitlement group are subject to limitations defined for the entitlement group 
having said permissions to administer. 

45. (New) A method for defining and enforcing permissions and limits on 
performance of financial transactions in a banking system implemented in a computer 
system having at least a processor and memory, the method comprising: 

receiving user input defining a plurality of entitlement groups, wherein each 
entitlement group has specified users, permissions to perform financial transactions and 
limits on performance said financial transactions; 

organizing said plurality of entitlement groups into hierarchical structure with 
inheritance specifying permissions and limits for performing financial transactions; 

in response to a particular user request to perform a financial transaction in the 
banking system at runtime, identifying the particular user's membership in a certain 
entitlement group; and 

determining whether to allow the particular user to perform the financial 
transaction based on permissions and limits of said hierarchical entitlement structure 
applicable to the particular user's performance of the financial transaction. 
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